DEV Community

Discussion on: Pushing Left, Like a Boss! -- Part 2: Security Requirements

 
Tanya Janca

Browser-built password management functions are not as secure as an actual password manager. It is not an overly safe place to keep it. Another reason is that you have no idea who is using your site, nor which computer they are using it from; if someone is in a hostel backpacking across Europe and accidentally says "yes" to the "would you like XYZ browser to save your password?" they have unwittingly saved their password for all the hotel users to use later. Unfortunately we need to design assuming the worst case (public computer, not-technically-savvy user), rather than the best case (for instance you personally, someone who is knowledgeable enough to read and understand my blog, is the absolute best case scenario for an app user).

Does this make more sense? Is it helpful?

Also, yes; sadly not all browsers support all of the same features, rules or standards. But we do what we can.

 
Tanya Janca

PS Thanks for the really nice comment!